This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

MACLOCK preventing unauthorized mac address

MACLOCK preventing unauthorized mac address

Paulo_Silva
New Contributor

‎01-15-2016 06:44 PM

Hi.

I want to configure port's B5 (firmware 6.81) something like Cisco port security. I want statically provisioning a mac port lock. I configure this:

set maclock enable
set maclock trap ge.6.30 enable violation
set maclock syslog ge.6.30 enable violation
set maclock static ge.6.30 1
set maclock 00:1d:70:96:8c:1c ge.6.30 create

If an other device with a diferent mac address conect in this port, port go to down.

This way don't work, I tested.

Anyone can help me.

Thks.

0 Kudos
10 REPLIES 10

Paulo_Silva
New Contributor

‎01-18-2016 05:24 PM

Ronald, I understand.

I have to create each mac address I want to connect in this port.
When a change to happen, I will create a new entry and delete an old mac.

set maclock 00:0e:08:d4:c7:9f ge.6.30 create
set maclock 00:1d:70:96:8c:1c ge.6.30 create

What do you think? Is it correct?

0 Kudos

Paulo_Silva
New Contributor

‎01-18-2016 04:28 PM

I did this, but don't clear.

If I configure port firstarrival 0, the device with this mac don't work.

SW_B5_7B(su)->show mac port ge.6.30
No entries found.

Thks again for your help.
0 Kudos

Ronald_Dvorak
Honored Contributor

‎01-18-2016 03:36 PM

You could clear the violation with this command....

G3(su)->clear maclock violation disable-port ge.1.8
0 Kudos

Paulo_Silva
New Contributor

‎01-18-2016 12:34 PM

Hi, Ronald.

Another help.

Look what has happened. The mac address marked "last violation" not connected, like this mac address is prohibited.

1f530a86335641129f546322d89d1ccc_RackMultipart20160118-19196-58i7jf-Sele__o_112_inline.png



Do you know, how can I clear this entry?

0 Kudos
li.common.scroll-to.top
GTM-P2G8KFN